package com.tianze.tzkf.utils;


import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/**
 *
 *  WebSocket忽略SSl证书（https后台没配置好的情况下，非紧急情况不得启用）
 *  Create JY BY 2019 / 6 / 6
 *
 */
public class SSLSocketFactoryUtil {

    public static SSLSocketFactory creatSSLSocketFactory(){

        SSLSocketFactory sslSocketFactory = null;

        try {
            SSLContext sslContext = SSLContext.getInstance("SSL");
            sslContext.init(null,new TrustManager[]{createTrustAllManager()},new SecureRandom());
            sslSocketFactory = sslContext.getSocketFactory();
        } catch (NoSuchAlgorithmException | KeyManagementException e) {
            e.printStackTrace();
        }

        //返回SSLSocketFactory实体对象
        return sslSocketFactory;

    }



    public static X509TrustManager createTrustAllManager(){

        X509TrustManager trustManager = null;

        try {
            trustManager = new X509TrustManager() {
                @Override
                public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {

                }

                @Override
                public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {

                }

                @Override
                public X509Certificate[] getAcceptedIssuers() {
                    //也可以写成new X509Certificate[0]
                    return null;
                }
            };
        }catch (Exception e){

        }

        return trustManager;
    }

}
